Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Wednesday, February 6, 2008

Daily Report

• The Atlanta Journal-Constitution reports that an employee of the Georgia Department of Transportation has confessed to falsifying dozens of bridge inspection reports since last fall, filing reports for bridges he did not inspect. The department will send other inspection crews to inspect the 54 bridges the employee confessed to lying about, as well as another 68 in Fulton County that raised officials’ suspicions and 278 bridges in Gwinnett County that the employee’s team had left on its list. (See item 14)

• According to the International Herald Tribune, four undersea communication cables have been cut in the past week, raising questions about the safety of the oceanic network that handles the bulk of the world’s Internet and telephone traffic. No one knows what damaged the cables or whether the incidents were related. Communications in the Middle East have been hardest hit by the damage – though India, the U.S., and Europe also experienced slowdowns. (See item 26)

Information Technology

23. February 5, InformationWeek – (National) Google debuts e-mail security services for business. Google plans to announce today new e-mail security, encryption, and archiving services for corporate e-mail users. Google’s new security and compliance offerings – Google Message Filtering, Google Message Security, and Google Message Discovery – will be made available to users of Google Apps and to users of other e-mail systems, including Lotus Notes, Microsoft Exchange, and Novell’s Groupwise. Google Message Filtering provides spam and malware filtering. Google Message Security combines Google Message Filtering with enhanced virus detection, outbound processing to prevent data leaks, and content policy management. Google Message Discovery includes the Filtering and Security services, plus one year of searchable message archiving. With so much spam and malware polluting the Internet, the founder of Excel Micro, a distributor of Google Apps Security and Compliance Products, says that small businesses just cannot manage their own e-mail infrastructure effectively. “We’re seeing a large number of clients come to the software-as-a-service model because the spam traffic is too great to do it yourself,” he said.

24. February 4, Dark Reading – (International) MayDay! Sneakier, more powerful botnet on the loose. A new peer-to-peer (P2P) botnet even more powerful and stealthy than the infamous Storm has begun infiltrating mostly U.S.-based large enterprises, educational institutions, and customers of major Internet service providers. The MayDay botnet can evade leading antivirus products, and so far has compromised thousands of hosts, according to Damballa, which says 96.5 percent of the infected machines are in the U.S. and about 2.5 percent in Canada. Damballa first hinted of this potential successor to Storm late last year. MayDay uses a combination of techniques to communicate with its bots, including hijacking browser proxy settings, says the vice president of engineering for Damballa. He says, “It can communicate through an enterprise’s secure Web proxy and conduct updates and attack activities” – a unique method for a botnet. The Web proxy approach also demonstrates that this is no random bot infection: “Designing bot malware to specifically use Web proxies is a clear indicator that it’s targeting [specific] enterprise systems,” he says. The botnet uses two forms of P2P communications to ensure it can talk to its bots, including the Internet Control Message Protocol. “This malware is for multiple protocols and is specifically designed to be successful despite whatever security controls might be” in place, he says. The infection comes in the form of what appears to the victim to be an Adobe Reader executable, but is actually the malware.

25. February 5, PC Magazine.com – (National) FCC: Mobile phone service nears 99 percent. Almost 99 percent of the U.S. population has access to one or more mobile phone providers, and 80 percent of Americans now subscribe to wireless service, according to a Monday report from the Federal Communications Commission (FCC). Looking at census information and maps from American Roamer, which produces detailed maps of network coverage boundaries, the FCC found that 280 million Americans, or 99.8 percent, have one or more options when it comes to choosing a cell phone provider. Last week, a similar report by the Department of Commerce found that U.S. broadband penetration also achieved the 99 percent mark, although some critics labeled it as self-serving. According to the FCC, more than 95 percent of Americans have at least three wireless options, while half of the U.S. population has at least five competing wireless providers in their area, the report said. Of those in rural areas, 99.3 percent have access to one or more providers. Between 2005 and 2006, wireless subscribers jumped from 213 million to 242 million. Approximately 80 percent of all Americans now subscribe to cell phone service, according to the report.

26. February 4, International Herald Tribune – (International) Ruptures call safety of Internet cables into question. Four undersea communication cables have been cut in the past week, raising questions about the safety of the oceanic network that handles the bulk of the world’s Internet and telephone traffic. Most telecommunications experts and cable operators say that sabotage seems unlikely, but no one knows what damaged the cables or whether the incidents were related. One theory – that a wayward ship traveling off course because of bad weather was responsible for cutting the first two cables last week – was dismissed by the Egyptian government over the weekend. No ships passed the area in the Mediterranean where the cables were located, the country’s Ministry of Communications said Sunday. “This has been an eye-opener for us, and everyone in the telecom industry worldwide,” said the secretary of the Internet Service Providers Association of India. Today, the cause of the problem may have been an anchor, “but what if it is sabotage tomorrow?” he asked. “These are owned by private operators, and there are no governments or armies protecting these cables,” he added. Communications in the Middle East have been hardest hit by the damage – though India, the U.S., and Europe also experienced slowdowns. Telecommunications operators have been trying to diversify the routes they can use for transmissions in recent years, said the research director at TeleGeography Research, particularly since an earthquake in Taiwan in 2006 disrupted service in Asia. The cable network contains “choke points” – like those off the coast of Egypt and Singapore where many cables run – and operators need to make sure their transmission routes are diversified, he said. 
Undersea cables carry about 95 percent of the world’s telephone and Internet traffic, according to the International Cable Protection Committee, an 86-member group that works with fishing, mining, and drilling companies to curb damage to submarine cables.

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"